[Techtalk] ARP traffic
jfweber at eternal.net
jfweber at eternal.net
Tue Sep 18 17:14:14 EST 2001
** Reply to message from Subba Rao <subba9 at home.com> on Tue, 18 Sep 2001 10:28:38 -0400
** It looks like there is a lot of ARP traffic on the Internet again. We have seen
** it gradually subside after the CodeRed worm. Does anyone have any idea why this
** increase in ARP traffic?
a new variant of Code Red, called w32.nimda ( and variations of those
names)
There are suposed to be AV products to "clean" it off the newly
infected... ( So far it only infects w32 type boxes, BUT if you are
admin for those types , behind your firewall ... the lastest security
messages I'm getting is to cut off thier access to the web until safety
measures can be taken ( patches , updates etc from Microsoft <sigh>)
hope it helps ( BTW notice the mans is Admin backwards?) it apparently
uses net shares which it grants itself whilst hiding in a trojan
fashion... is especially virulent by email, as it poses as a *.exe file
which probably looks as if it comes from soemone one knows ( the old
Outlook address book play again... )
Blondely,
j
afterthought: Yes, I am an agent of Satan, but my duties are largely ceremonial.
More information about the Techtalk
mailing list